2. Malicious with catastrophic
consequences
Catastrophic but not
Malicious
Malicious but harmless
Harmless and not malicious
Catastrophic
Harmless
MaliciousNon
Malicious
3. Threats Vulnerabilities
• Humans / Experts
• Viruses / Trojans / Worms
• Phishing Attacks
• Network Travelling Worms
• Advanced Persistent Threats
• Malware / Ransomware
• Password Attacks
• Denial of Service Attacks
• Humans / Users
• Unpatched OS and Software
• Mobile computing devices
• Portable data storage devices
• Identity Protection / Passwords
• WiFi Networks
• End Point Devices / Servers
• Sensitive Data Encryption
External / Internal Internal
4. • Humans
• Viruses / Trojans
• Phishing Attacks
• Network Travelling Worms
• Advanced Persistent Threats
• Malware / Ransomware
• Password Attacks
• Denial of Service Attacks
Threats Vulnerabilities
• Humans
• Unpatched OS and Software
• Mobile computing devices
• Portable data storage devices
• Identity Protection
• WiFi Networks
• Passwords
• Sensitive Data Encryption
External / Internal Internal
5. Weak links = Vulnerabilities
Which sometimes lead to ….
14. What are the options?
What are the priorities?
Is funding available?
Data Locations: On Premise, 3rd Parties, Cloud
Business Continuity: Security Vs mobility
Right expertise: In-house or Outsourced
Right approach: Tactical or Strategic
Are procedures for Security Incidents clearly
documented, communicated and understood?
Ownership and accountability
16. Analyse Prioritise Plan Execute
Educate
End Users
Protect
Endpoint
Devices
Protect
Network
Protect
Mobile
Devices
Protect
Removable
Media
Patch All
Software
Review 3rd
Party Data
Policies
Monitor
Stringent
Access
Controls
ClearPolicies
17. NHS Suffered 7000 data breaches 2012-2014
◦ It led to 32 resignations and 1 court case
◦ In 50 cases data shared on social media
◦ NHS hard drives with patient data sold on eBay
◦ 115 occasions – Staff accessed own records
◦ Mostly not deliberate or malicious
◦ Mostly poor training cited as the main reason
To do Nothing is not an Option
Protection of patient data is paramount
And the buck stops with YOU!